19 posts in this topic

Say you know the chipset for a target system, and you've already coded (or know the instruction code) to shut the system down. Can you (only using binary code) execute this task? Or is hacking through binary impossible?


It's easy to stop a system and mess with memory when it's designed for it. Many embedded systems support a ROM monitor that would allow such operation. Finding a way to jam bytes into memory and jump to them is a large part of remote exploitation.

Thank you for the reply. Another question, in hopes of clarifying for me:

So with knowledge of ROM exploiting, I could potentially, say, fry a mobo or CPU on a target system with only binary data being sent from my attacking system to the attacked system, correct?

I am currently a student in the IT field thinking about going into the security sector and was trying to get a good direction in which to begin studying for a side project related to OS protection utilizing a virus/trojan style system focused on direct hardware attacks on the attacker's system(s). I tried asking this very same question in an IRC room and, as expected, was met with an elitist attitude and didn't receive any help other than being called a "moron" lol.

Edited February 3, 2015 by ZipWun


I don't really think you could "fry" a motherboard or CPU by feeding it code, your best bet would probably be to put too much electricity where it shouldn't be. You'd have to get physical access to the machine and tamper with its power supply unit (e.g. putting +12 VDC onto a rail assigned to -3.3VDC). Or just wire 120/240 VAC straight to the board and plug it into the wall. (DO NOT try this!)

I suppose theoretically it might be possible to execute some sort of loop that's so computationally intense that it makes the CPU go into thermal overload and cook itself. Conscientiously-implemented CPU cooling equipment is designed to prevent (or at least minimize) this. Considering how filthy the insides of a lot of used PCs I've seen/received tend to be, I'm surprised this doesn't happen more often than it does through normal use!

If nothing else ask yourself, "how would Aussie50/Photonicinduction/rodalco2007 do this?".

Thank you for the reply scratchycarrier, and sorry for not explicitly stating how binary code would fry the mobo or CPU, but I meant to say what you had touched upon, and that's sending excess voltage to the CPU (basically overclocking it without the user being aware of it happening) and slowing or stopping the cooling fan(s). And lol, yeah, I expected a lot of my systems to use the dust bunnies as 'gas to the fire' and was surprised it didn't catch.

Sorry for being ignorant on the following, but who are those 3 that you've named?

Edited to add: I found an Aussie50 YouTube channel, and no, nothing that crazy. Just a way to cripple an attacking system by totally rendering their systems useless. That's why I was asking about binary hacking; maybe my idea is too vague right now.

Edited February 5, 2015 by ZipWun


They're some guys in Australia/England/New Zealand (respectively) who like to fry expensive toys. Photonicinduction is the guy who I guess started the whole "spastic washing machine" thing but Aussie kind of helped make it famous. Some of Photon's earlier stuff did start getting pretty crazy after a while but I guess he took most of that stuff down when he returned from hiatus a few years back as "Photonvids". My understanding is he feared people would actually try to reproduce it and end up frying themselves, and he'd be possibly setting himself up for litigation. (You know how people are these days.)

Check out the one where Aussie takes a MOT to a dead Play-Station II motherboard and makes the "emotion engine" go emo.


I accidentally set the voltage WAY too high while overclocking once. I saw smoke and about a six-inch flame, followed by that expensive smell. It just fried the FSB. Luckily my CPU, RAM, and video cards were unscathed.


Thanks, I'll check out Aussie's MOT video now.

Edited to add: Lol, doubt I'll be trying anything that intense but I still found value in the video. thanks for this suggestion again.

Lol, I could imagine the feeling, but at least the CPU and vid-cards didn't get fried. What voltage level and which process was this, if you don't mind my asking?


What you need is a decompiler for whatever target code you are working with.

Off the shelf if it's a common system, or your own if you need to reverse engineer the instruction set.

Then a hex editor to actually edit it.

Common "cracks" include modifying a jump at a certain point in the hex to run new code, or turning compare statements into no-ops to prevent code going down certain branches.

It's quite a "fun" personal challenge, with a very steep learning curve if you aren't familiar with the inner workings of computers.

E.g. back in the day, I turned three or four cmps into no-ops in an obscure, horrible piece of software my then-to-be wife had to use for uni and we couldn't afford to pay for "again". That disabled its licence check and let her finish that bit of the course, never to use it again.

Lots of ways to make this harder, but if you know the instruction set and you can access any raw bootloader code, all it takes is time.
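The cmp-to-no-op patch described in the post above is exactly what a code-integrity check is meant to catch. Here is an added example (not from the poster or any real product) that compares a code region against a known-good copy, reports each run of changed bytes and flags runs that were overwritten with the x86 NOP byte; the eleven-byte fragment is constructed for the example and is not taken from any real program.

```python
import hashlib

X86_NOP = 0x90  # single-byte NOP on x86/x86-64

# Constructed sample fragment resembling a licence check (not from any real program):
#   83 F8 01        cmp eax, 1
#   75 05           jne +5         ; jump over the next 5 bytes if the check failed
#   B8 01 00 00 00  mov eax, 1
#   C3              ret
ORIGINAL = bytes.fromhex("83F8017505B801000000C3")
# The same fragment after cmp and jne were overwritten with NOPs, as the post describes.
PATCHED = bytes.fromhex("9090909090B801000000C3")


def code_digest(code: bytes) -> str:
    """SHA-256 of a code region; record this for the known-good build."""
    return hashlib.sha256(code).hexdigest()


def diff_ranges(expected: bytes, actual: bytes):
    """Return (offset, expected_bytes, actual_bytes) for each run of differing bytes."""
    if len(expected) != len(actual):
        raise ValueError("length mismatch: %d vs %d" % (len(expected), len(actual)))
    ranges, start = [], None
    for i in range(len(expected) + 1):
        same = i == len(expected) or expected[i] == actual[i]
        if not same and start is None:
            start = i                      # a differing run begins here
        elif same and start is not None:
            ranges.append((start, expected[start:i], actual[start:i]))
            start = None                   # the run ended at i
    return ranges


def classify(change) -> str:
    """Label a changed run 'nop-out' if every replacement byte is a NOP, else 'modified'."""
    _offset, _old, new = change
    return "nop-out" if all(b == X86_NOP for b in new) else "modified"


def check_integrity(expected: bytes, actual: bytes, expected_digest: str) -> dict:
    """Compare the digest first; only on mismatch locate and classify the changes."""
    intact = code_digest(actual) == expected_digest
    changes = [] if intact else [(c[0], len(c[1]), classify(c))
                                 for c in diff_ranges(expected, actual)]
    return {"intact": intact, "changes": changes}


if __name__ == "__main__":
    print(check_integrity(ORIGINAL, PATCHED, code_digest(ORIGINAL)))
```

On the constructed sample the report is `{'intact': False, 'changes': [(0, 5, 'nop-out')]}`: five bytes at offset 0 (the cmp and the jne) replaced by NOPs.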

(old post I didn't send a few days ago)

Thank you for this information. I am not a jedi-knight in the knowledge of computer internals yet, but I am working towards learning them.

Lecture 03 Bits, Bytes and Data Types - School of Computer Science

Stick that in Google; it should start you on the road.

No one is any more. Back in the day, when compiler bugs were common, the only way to fix certain problems was to delve into the compiled code and step through it to find out what went wrong.

These days, with Java bytecode, .NET and server-side languages, often even the coder doesn't get to see the final code.

Thanks again mate!

I'll definitely look that lecture up.

I'm going to teach myself some programming language, just have to figure which one to go for first.


JavaScript: do stuff in a webpage on the computer of the person looking at the page (used a lot with HTML5).

Java: (my favorite) "heavy lifting" server-side stuff.

PHP/ASP: quick and dirty server-side stuff on cheap web hosting.

C/C++/C#: installed programs on people's computers, or modules where you want calculations to complete really fast. Gives you more access to things offered by the operating system, at the expense of having to care about the operating system.

Python: not really found a use for it; seems to be a nice "beginner" language. A lot of games companies seem to use it for their games, like HTML5 uses JavaScript.

That's about the "current state of affairs". There'll be others.

My suggestion to start, really, would be modding something like the Doom 3 source code.